Anonsec, a hacking collective that has been active for the past 4 years, hacked into NASA and leaked over 276GB of internal data after trying to crash a drone worth $222.7 million right into the ocean.
The Anonsec admin Dêfãult Vírüsa released the information to Infowars Sunday, including 631 videos from aircraft and weather radars, 2,143 flight logs as well as the names, emails, and phone numbers of 2,414 NASA employees.
Anonsec published a zine (password: anonsec), a self-published paper detailing what they dubbed “OpNasaDrones,” which explains why the group hacked NASA and the specifics of the technical vulnerabilities they exploited to gain access to NASA’s protected systems.
“NASA has been breached more times than most people can honestly remember… However, this hack into NASA wasn’t initially focused on drones [sic] data and upper atmosphere chemical samples. In fact the original breach into NASA systems wasn’t even planned, it was caught up in a gozi virus spread,” the hackers explained to Infowars, referring to the notorious Trojan that has infected more than one million computers to date.
Shortly after accidentally breaking into their initial system, the group began to test just how many machines they could break into and root, a term that means taking complete control of a server with administrator-level privileges.
Anonsec said that, after selecting targets and planning the operation, they began brute-forcing the server, and it took a mere “0.32” seconds to break in because the server’s credentials had been left at their defaults. This allowed them to scope out the network even further after running a hidden packet sniffer (tcpdump) within the network.
According to the self-published paper, the hackers had various jobs scouring the network and analyzing data including “different missions, airbases and aircraft” within the breached network. Public missions including “OIB – Operation Ice Bridge” and drones such as “Global Hawk” were among the information listed.
Other members prowled deeper through the agency’s system, hacking into security cameras and even uncovering the schematics of one base’s camera layout. Other Anonsec members hacked into the networks of Glenn Research Center, Goddard Space Flight Center and Dryden Flight Research Center.
Once inside and analyzing the network, the group began uncovering various systems and network devices “popping up in scans that were not previously visible.” Again, the hackers sniffed the network and gained access to the system administrator account, giving the attackers full root access once again, but this time to three additional network-attached storage (NAS) devices whose main task was to keep backups of aircraft flight logs.
“Now we had all 3 NAS devices automatically making copies of the logs as they are uploaded from the drones and renaming them to look like semi ordinary index files,” Anonsec said, poking fun at the system administrator for their poor security.
Deep sea diving with a $222.7 million drone
After Anonsec set up an external server for NASA’s hacked network to leak information to, analysis of the incoming data sparked the hackers’ interest in what they described as “weird traffic.”
After analyzing the traffic, the group concluded it consisted of “pre-planned route option” files, which NASA uploads prior to any takeoff.
After protest from several group members, Anonsec said it decided to carry out a man-in-the-middle (MiTM) attack several months later that not only replaced the drone’s configured route, but directed it to crash right into the ocean.
“Several members were in disagreement on this because if it worked, we would be labeled terrorists for possibly crashing a $222.7 million US Drone… but we continued anyways lol,” hackers said.
A screenshot provided by the hackers shows their intended flight path, which can be seen navigating directly into the ocean. However, after they inserted their flight path, a drone pilot on the ground presumably noticed the aircraft’s suspicious behavior, forcing NASA to restore manual control and re-enter the coordinates.
“This recreated flight is from our attempt to crash the GlobalHawk [sic] into the Pacific Ocean but seemed to have been taken off of the malicious pre-planned route and was controlled via SatCom [sic] by a pilot once GroundControl [sic] realized,” the hackers explained.
Soon after their drone plan was foiled, the group lost all access to NASA’s networks.
“Whether it was the high amount of traffic sending drone logs across their compromised network or the attempted crashing of a GlowbalHawk [sic] that caused them to FINALLY inspect their networks, we don’t know. But it went down for a while soon after.”
Why hackers targeted NASA
Hundreds of gigabytes’ worth of information have been leaked by the hackers through a series of torrents available for download.
Anonsec’s zine cites their motive behind the attack, specifically pointing to climate engineering methods such as cloud seeding and geoengineering.
“One of the main purposes of the Operation was to bring awareness to the reality of Chemtrails/CloudSeeding/Geoengineering/WeatherModification, whatever you want to call it, they all represent the same thing. NASA even has several missions dedicated to studying Aerosols [sic] and their affects on the environment and weather, so we targeted their systems,” the zine explained.
Cloud seeding is a weather modification technique that uses silver iodide to create precipitation in clouds, a tactic most famously executed by the U.S. military under “Operation Popeye” during the Vietnam War.
Geoengineering, according to NASA’s Erik Conway, involves “injecting sulfate particles into the upper atmosphere – essentially mimicking a large volcanic eruption,” in an attempt to reflect sunlight away from the planet.
After linking to several media outlets covering these climate operations, the hackers argue that if geoengineering and weather modification “are all publicly acknowledged as real, why are Chemtrails [sic] discredited when its [sic] literally the same exact thing just with a different name.”
“We find it staggering how many people still dont [sic] believe the federal government is doing this when its [sic] already public knowledge that the CIA is funding studies, certain states and countries already have WeatherModification [sic] programs in place for the past several years, not to mention all the government whistleblowers.”
NASA: “Deny, Deny, Deny”
According to NASA, the drone hijacking never occurred, nor did any breach of its network:
“Control of our global hawk aircraft was not compromised. NASA has no evidence to indicate the alleged hacked data are anything other than already publicly available data. NASA takes cybersecurity very seriously and will continue to fully investigate all of these allegations. NASA strives to make our scientific data publically available, including large data sets, which seems to be how the information in question was retrieved.”
Anonsec’s administrator has confirmed that no one involved in NASA’s breach has been apprehended by law enforcement.
“People might find this lack of security surprising but its [sic] pretty standard from our experience,” the hackers said. “Once you get past the main lines of defense, its [sic] pretty much smooth sailing propagating through a network as long as you can maintain access.”
[Photo via JD Hancock/Flickr (CC BY 2.0)]